Public bug reported:
[Impact]
Apache 2.2.26 add support for ECC keys and ECDH ciphers wich offers security
improvements to SSL connections and potentialy limit the vector of attacks
agains bugs like Heartbleed and allows the use of forward secrecy.
Since Ubuntu 12.04 is supported until April 2017 this feature should be
backported for those people that can't/want upgrade to Apache 2.4+
(Ubuntu 14.04) in the near term.
[Test Case]
Test a cipher suite using ECDH with no success.
openssl s_client -cipher "ECDHE-RSA-AES128-SHA256" -connect localhost:443
[Regression Potential]
The regression potential is near to zero, since it just adds more ciphers to
Apache.
** Affects: apache2 (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in Ubuntu.
https://bugs.launchpad.net/bugs/1346498
Title:
[SRU] Apache mod_ssl: enable support for ECC keys and ECDH ciphers.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1346498/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
